
3 incident response planning tips and tricks for executives

From tech threats to natural disasters, dangers to the workplace run the proverbial gamut. And unfortunately, several polls suggest that employees wouldn't know how to best respond to these incidents.

That's a big problem, because the threats aren't by any means diminishing – they're proliferating, particularly those that originate online.


According to a recent study from SecureWorks, approximately 40 percent of cyberattacks in 2018 derived from phishing. This malicious tactic involves scamming people into clicking on links sent through email. Attackers resort to it because phishing tactics tend to be more difficult to detect.

Another common attack method is so-called scan and exploit. Accounting for approximately 25 percent of hacks, according to the study, scan and exploit is an umbrella term covering activities that include guessing passwords, placing webshells on unsecured servers and exploiting internet-enabled devices.

Regardless of how these incursions occur, the main takeaway is they're happening at a disturbingly high rate and executives must do all they can to implement an effective response. Here are a few best practices that can help:

Identify where threats exist
You can't mount a defense if you don't know where the threats exist. As it pertains to data theft, the access points are innumerable. Research the biggest risks facing your industry, such as ransomware, and where they originate. Email, external hard drives, social engineering and internal sabotage are among the most common vehicles.

Adhere to the 'Three Ps'
The three Ps stand for Partitioning, Privileges and Perimeter. As noted by SecureWorks, partitioning involves only allowing certain users to have access to particular sensitive information. In a similar vein, privileges refers to limiting the number of people who have permission to access valuable data. Keeping the total small in number not only decreases opportunities for attackers to gain access but also reduces the spread of a virus. The final P – perimeter – entails hardening the outer banks of the network. This might include installing patches, knowing what ports connect to the internet and utilizing multifactor authentication.

Set up a response team
Data breaches have become so commonplace that they may necessitate the formation of an incident response team. The goal of these teams is not only to identify and counteract these threats but to prevent them from happening at all. While preventing them entirely is impossible, executives can reduce their impact by putting the right people in the right positions. Lead investigators, communications leaders, documentation leaders and IT directors are among the roles that every response team should ideally include, according to SecurityMetrics.

These three action items can help executives establish an effective shield against incidents wherever and whenever they happen.